1. In computer security, the authorization and approval–granted by a designated authority to a data processing system, computer network, organization, or individual–to process sensitive information or data. [2382-pt.8] 2. Formal declaration by a designated approving authority that an information system (IS) is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk. [INFOSEC-99]